author: Alexander Bokovoy <ab@samba.org>, 2003-04-06 13:07:44 +0000
committer: Alexander Bokovoy <ab@samba.org>, 2003-04-06 13:07:44 +0000
commit: 9496f1e2063eb0b93142bfaf86979b21bf8b56e6
tree: 92fbf612a79f79adb14fca2405a68308fea3ead1 /docs/docbook/smbdotconf/security/passwordserver.xml
parent: c5ab17567cf6681f567b73ba8ed0653fbb64f453
Convert 'Security' section of smb.conf to new format
(This used to be commit 85eadec0838bdcb5604d5cf66b204ee610e2ad7a)
Diffstat (limited to 'docs/docbook/smbdotconf/security/passwordserver.xml')
-rw-r--r-- docs/docbook/smbdotconf/security/passwordserver.xml 164
1 files changed, 85 insertions, 79 deletions
diff --git a/docs/docbook/smbdotconf/security/passwordserver.xml b/docs/docbook/smbdotconf/security/passwordserver.xml
index b803816d88..e40ff32b75 100644
--- a/docs/docbook/smbdotconf/security/passwordserver.xml
+++ b/docs/docbook/smbdotconf/security/passwordserver.xml
@@ -1,92 +1,98 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="PASSWORDSERVER"/>password server (G)</term>
- <listitem><para>By specifying the name of another SMB server (such
- as a WinNT box) with this option, and using <command moreinfo="none">security = domain
- </command> or <command moreinfo="none">security = server</command> you can get Samba
- to do all its username/password validation via a remote server.</para>
+<samba:parameter name="password server"
+ context="G"
+ advanced="1" wizard="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>By specifying the name of another SMB server (such
+ as a WinNT box) with this option, and using <command moreinfo="none">security = domain
+ </command> or <command moreinfo="none">security = server</command> you can get Samba
+ to do all its username/password validation via a remote server.</para>
- <para>This option sets the name of the password server to use.
- It must be a NetBIOS name, so if the machine's NetBIOS name is
- different from its Internet name then you may have to add its NetBIOS
- name to the lmhosts file which is stored in the same directory
- as the <filename moreinfo="none">smb.conf</filename> file.</para>
+ <para>This option sets the name of the password server to use.
+ It must be a NetBIOS name, so if the machine's NetBIOS name is
+ different from its Internet name then you may have to add its NetBIOS
+ name to the lmhosts file which is stored in the same directory
+ as the <filename moreinfo="none">smb.conf</filename> file.</para>
- <para>The name of the password server is looked up using the
- parameter <link linkend="NAMERESOLVEORDER"><parameter moreinfo="none">name
- resolve order</parameter></link> and so may resolved
- by any method and order described in that parameter.</para>
+ <para>The name of the password server is looked up using the
+ parameter <link linkend="NAMERESOLVEORDER"><parameter moreinfo="none">name
+ resolve order</parameter></link> and so may resolved
+ by any method and order described in that parameter.</para>
- <para>The password server must be a machine capable of using
- the &quot;LM1.2X002&quot; or the &quot;NT LM 0.12&quot; protocol, and it must be in
- user level security mode.</para>
+ <para>The password server must be a machine capable of using
+ the &quot;LM1.2X002&quot; or the &quot;NT LM 0.12&quot; protocol, and it must be in
+ user level security mode.</para>
- <note><para>Using a password server
- means your UNIX box (running Samba) is only as secure as your
- password server. <emphasis>DO NOT CHOOSE A PASSWORD SERVER THAT
- YOU DON'T COMPLETELY TRUST</emphasis>.</para></note>
+ <note><para>Using a password server means your UNIX box (running
+ Samba) is only as secure as your password server. <emphasis>DO NOT
+ CHOOSE A PASSWORD SERVER THAT YOU DON'T COMPLETELY TRUST</emphasis>.
+ </para></note>
- <para>Never point a Samba server at itself for password
- serving. This will cause a loop and could lock up your Samba
- server!</para>
+ <para>Never point a Samba server at itself for password serving.
+ This will cause a loop and could lock up your Samba server!</para>
- <para>The name of the password server takes the standard
- substitutions, but probably the only useful one is <parameter moreinfo="none">%m
- </parameter>, which means the Samba server will use the incoming
- client as the password server. If you use this then you better
- trust your clients, and you had better restrict them with hosts allow!</para>
+ <para>The name of the password server takes the standard
+ substitutions, but probably the only useful one is <parameter moreinfo="none">%m
+ </parameter>, which means the Samba server will use the incoming
+ client as the password server. If you use this then you better
+ trust your clients, and you had better restrict them with hosts allow!</para>
- <para>If the <parameter moreinfo="none">security</parameter> parameter is set to
- <constant>domain</constant>, then the list of machines in this
- option must be a list of Primary or Backup Domain controllers for the
- Domain or the character '*', as the Samba server is effectively
- in that domain, and will use cryptographically authenticated RPC calls
- to authenticate the user logging on. The advantage of using <command moreinfo="none">
- security = domain</command> is that if you list several hosts in the
- <parameter moreinfo="none">password server</parameter> option then <command moreinfo="none">smbd
- </command> will try each in turn till it finds one that responds. This
- is useful in case your primary server goes down.</para>
+ <para>If the <parameter moreinfo="none">security</parameter> parameter is set to
+ <constant>domain</constant>, then the list of machines in this
+ option must be a list of Primary or Backup Domain controllers for the
+ Domain or the character '*', as the Samba server is effectively
+ in that domain, and will use cryptographically authenticated RPC calls
+ to authenticate the user logging on. The advantage of using <command moreinfo="none">
+ security = domain</command> is that if you list several hosts in the
+ <parameter moreinfo="none">password server</parameter> option then <command moreinfo="none">smbd
+ </command> will try each in turn till it finds one that responds. This
+ is useful in case your primary server goes down.</para>
- <para>If the <parameter moreinfo="none">password server</parameter> option is set
- to the character '*', then Samba will attempt to auto-locate the
- Primary or Backup Domain controllers to authenticate against by
- doing a query for the name <constant>WORKGROUP&lt;1C&gt;</constant>
- and then contacting each server returned in the list of IP
- addresses from the name resolution source. </para>
+ <para>If the <parameter moreinfo="none">password server</parameter> option is set
+ to the character '*', then Samba will attempt to auto-locate the
+ Primary or Backup Domain controllers to authenticate against by
+ doing a query for the name <constant>WORKGROUP&lt;1C&gt;</constant>
+ and then contacting each server returned in the list of IP
+ addresses from the name resolution source. </para>
- <para>If the list of servers contains both names and the '*'
- character, the list is treated as a list of preferred
- domain controllers, but an auto lookup of all remaining DC's
- will be added to the list as well. Samba will not attempt to optimize
- this list by locating the closest DC.</para>
+ <para>If the list of servers contains both names and the '*'
+ character, the list is treated as a list of preferred
+ domain controllers, but an auto lookup of all remaining DC's
+ will be added to the list as well. Samba will not attempt to optimize
+ this list by locating the closest DC.</para>
- <para>If the <parameter moreinfo="none">security</parameter> parameter is
- set to <constant>server</constant>, then there are different
- restrictions that <command moreinfo="none">security = domain</command> doesn't
- suffer from:</para>
+ <para>If the <parameter moreinfo="none">security</parameter> parameter is
+ set to <constant>server</constant>, then there are different
+ restrictions that <command moreinfo="none">security = domain</command> doesn't
+ suffer from:</para>
- <itemizedlist>
- <listitem><para>You may list several password servers in
- the <parameter moreinfo="none">password server</parameter> parameter, however if an
- <command moreinfo="none">smbd</command> makes a connection to a password server,
- and then the password server fails, no more users will be able
- to be authenticated from this <command moreinfo="none">smbd</command>. This is a
- restriction of the SMB/CIFS protocol when in <command moreinfo="none">security = server
- </command> mode and cannot be fixed in Samba.</para></listitem>
+ <itemizedlist>
+ <listitem>
+ <para>You may list several password servers in
+ the <parameter moreinfo="none">password server</parameter> parameter, however if an
+ <command moreinfo="none">smbd</command> makes a connection to a password server,
+ and then the password server fails, no more users will be able
+ to be authenticated from this <command moreinfo="none">smbd</command>. This is a
+ restriction of the SMB/CIFS protocol when in <command moreinfo="none">security = server
+ </command> mode and cannot be fixed in Samba.</para>
+ </listitem>
+
+ <listitem>
+ <para>If you are using a Windows NT server as your
+ password server then you will have to ensure that your users
+ are able to login from the Samba server, as when in <command moreinfo="none">
+ security = server</command> mode the network logon will appear to
+ come from there rather than from the users workstation.</para>
+ </listitem>
+ </itemizedlist>
- <listitem><para>If you are using a Windows NT server as your
- password server then you will have to ensure that your users
- are able to login from the Samba server, as when in <command moreinfo="none">
- security = server</command> mode the network logon will appear to
- come from there rather than from the users workstation.</para></listitem>
- </itemizedlist>
+ <para>See also the <link linkend="SECURITY"><parameter moreinfo="none">security
+ </parameter></link> parameter.</para>
- <para>See also the <link linkend="SECURITY"><parameter moreinfo="none">security
- </parameter></link> parameter.</para>
-
- <para>Default: <command moreinfo="none">password server = &lt;empty string&gt;</command>
- </para>
- <para>Example: <command moreinfo="none">password server = NT-PDC, NT-BDC1, NT-BDC2, *
- </command></para>
- <para>Example: <command moreinfo="none">password server = *</command></para>
- </listitem>
- </samba:parameter>
+ <para>Default: <command moreinfo="none">password server = &lt;empty string&gt;</command></para>
+
+ <para>Example: <command moreinfo="none">password server = NT-PDC, NT-BDC1, NT-BDC2, *</command></para>
+
+ <para>Example: <command moreinfo="none">password server = *</command></para>
+</listitem>
+</samba:parameter>
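Review bot: The removed opening lines carried `<anchor id="PASSWORDSERVER"/>` inside `<term>`, and the new `<samba:parameter name="password server" ...>` element has no id of its own, so any `linkend="PASSWORDSERVER"` reference now depends on the build generating that anchor from `name`. This file itself links out in the same style (`linkend="NAMERESOLVEORDER"`, `linkend="SECURITY"`), so please confirm the stylesheet emits the uppercase, space-stripped id, or note that in the commit message. Separately, in the `%m` paragraph `hosts allow` is left as plain text although it is the only mitigation named for letting the connecting client act as the password server; wrapping it in `<parameter>` with a link, as is done for `name resolve order`, would make that restriction easier to find. The re-indented text also carries over "and so may resolved" (missing "be") and "the users workstation" (missing apostrophe), which could be fixed in a follow-up so this commit stays a pure format conversion.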